Continuing the discussion from Get user's username / password from keychain?:

As part of my solution, I’d get a user of my Applet to create a password item entry in their Keychain that hold the user name & password of an Admin account that my Applet can access so it can do it’s little trick…

I’ve worked out how to get a Password from Keychain Access (Thanks to Tobias), but I can’t for the life of me, work out how to get the “Account” (or user name) from the Keychain item. Tobias suggested I could use: short user name of (system info)

My concern is that some users might use two user accounts, usually using a non admin account for safety, and have a separate Admin account.

Querying “short user name of (system info)” just returns the short user name of the active user’s account but I’d love to get the “Account” name entered into the Keychain access along with the admin password:

doing " do shell script “security find-generic-password -s MyKeychainItemname” returns: (I’ve sanitised the username)

keychain: “/Users/a_user/Library/Keychains/login.keychain-db”
version: 512
class: “genp”
attributes:
0x00000007 <blob>=“com.furbies.google-drive-launcher”
0x00000008 <blob>=<NULL>
“acct”<blob>=“admin_user_acct”
“cdat”<timedate>=0x32303234303930383134303732325A00 “20240908140722Z\000”
“crtr”<uint32>=<NULL>
“cusi”<sint32>=<NULL>
“desc”<blob>=<NULL>
“gena”<blob>=<NULL>
“icmt”<blob>=<NULL>
“invi”<sint32>=<NULL>
“mdat”<timedate>=0x32303234303930383134303732325A00 “20240908140722Z\000”
“nega”<sint32>=<NULL>
“prot”<blob>=<NULL>
“scrp”<sint32>=<NULL>
“svce”<blob>=“com.furbies.google-drive-launcher”
“type”<uint32>=<NULL>

My question is, can anyone help me get the “admin_user_acct” from the result ?

I think I need to find the line that starts with “acct” and then copy out the admin_user_acct from: “acct”<blob>=“admin_user_acct”, but Regex just has me sitting in the corner, raving & drooling ?

Can anyone help ?

tia

furbies

(apologies for the multiple edits. had trouble escaping out some charaters so they show correctly)

Unbelievably, I managed to find a solution and it didn’t involve Regex !!

I’m sure there’s some edge case i haven’t tested for, but the code does return the result I’m expecting.

I’m going to try uploading it as an Applescript file , cause I can’t figure out how to post Applescript without it’s formatting messing up badly.
getUsernameFromKeychain.applescript (13.7 KB)

Tobias was right in that there are better solutions:

A lucky Google query found this:

Hello @furbies

Yes I suggested this as an example … there are quite more options … I actually am not at home but you could search this forum or the web for the other options on getting an account name with AppleScript …

I‘m sorry for not providing more Info on this… but my iPhone is almost without battery (5%) and I also don’t have much time now.

Greetings from Germany

Tobias

In the Applescript I posted above there’s one small correction:

change:

	set TheResult to do shell script "security find-generic-password -s " & keychainItemName

to

	set TheResult to do shell script "security find-generic-password -s " & quoted form of keychainItemName

Tobias, your solution does work, but if the admin name is different then your solution fails ?

I need to be able to access the username as entered in the application password entry in Keychain access